

Application No. 


Applicant(s) 


Notice of Allowability 


09/277.335 


KLEIN. DEAN A. 


Examiner 


Art Unit 






Ponnoreay Rich 


2135 





- The MAILING DATE of this communication appears on the cover sheet with the correspondence address- 
All claims being allowable. PROSECUTION ON THE MERITS IS (OR REMAINS) CLOSED in this application. If not included 
herewith (or previously mailed), a Notice of Allowance (PTOL-85) or other appropriate communication will be mailed in due course. THIS 
NOTICE OF ALLOWABILITY IS NOT A GRANT OF PATENT RIGHTS. This application is subject to withdrawal from issue at the initiative 
of the Office or upon petition by the applicant. See 37 CFR 1.313 and MPEP 1308. 

1 . S This communication is responsive to 12/27/2005 . 

2. Kl The allowed claim(s) is/are 1,3-10,12-15,17 and 18 , 

3. □ Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (0- 

a) □ All b) □ Some* c) □ None of the: 

1. □ Certified copies of the priority documents have been received. 

2. □ Certified copies of the priority documents have been received in Application No. . 

3. □ Copies of the certified copies of the priority documents have been received in this national stage application from the 

International Bureau (PCT Rule 17.2(a)). 
* Certified copies not received: . 

Applicant has THREE MONTHS FROM THE "MAILING DATE" of this communication to file a reply complying with the requirements 
noted below. Failure to timely comply will result in ABANDONMENT of this application. 
THIS THREE-MONTH PERIOD IS NOT EXTENDABLE. 

4. □ A SUBSTITUTE OATH OR DECLARATION must be submitted. Note the attached EXAMINER'S AMENDMENT or NOTICE OF 

INFORMAL PATENT APPLICATION (PTO-152) which gives reason(s) why the oath or declaration is deficient. 

5. □ CORRECTED DRAWINGS ( as "replacement sheets") must be submitted. 

(a) □ including changes required by the Notice of Draftsperson's Patent Drawing Review ( PTO-948) attached 

1) □ hereto or 2) □ to Paper No./Mail Date . 

(b) □ including changes required by the attached Examiner's Amendment / Comment or in the Office action of 

Paper No./Mail Date . 

Identifying indicia such as the application number (see 37 CFR 1.84(c)) should be written on the drawings in the front (not the back) of 
each sheet. Replacement sheet(s) should be labeled as such In the header according to 37 CFR 1 .1 21 (d). 

6. □ DEPOSIT OF and/or INFORMATION about the deposit of BIOLOGICAL MATERIAL must be submitted. Note the 

attached Examiner's comment regarding REQUIREMENT FOR THE DEPOSIT OF BIOLOGICAL MATERIAL. 



Attachment(s) 




□ 




1. □ Notice of References Cited (PTO-892) 


5. 


Notice of Informal Patent Application (PTO-152) 


2. □ Notice of Draftperson's Patent Drawing Review (PTO-948) 


6. 




Interview Summary (PTO-413), 
Paper No./Mail Date 03092006 . 


3. □ Information Disclosure Statements (PTO-1449 or PTO/SB/08), 


7. 




Examiner's Amendment/Comment 


Paper No./Mail Date 








4. □ Examiner's Comment Regarding Requirement for Deposit 


8. 


□ 


Examiner's Statement of Reasons for Allowance 


of Biological Material 




□ 






9. 


Other 



U.S. Patent and Trademark Office 
PTOL-37 (Rev. 7-05) 



Notice of Allowability 



Part of Paper No./Mail Date 03092006 



Application/Control Number: 09/277,335 Page 2 

Art Unit: 2135 

EXAMINER'S AMENDMENT 

An examiner's amendment to the record appears below. Should the changes 
and/or additions be unacceptable to applicant, an amendment may be filed as provided 
by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be 
submitted no later than the payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview 
with Mr. Eric Nelson on 3/9/2006. The application has been amended as follows: 

PLEASE AMEND THE FOLLOWING CLAIMS AS FOLLOWS: 
Claim 1 (currently amended): 

In a personal computer having encryption hardware and a processor, a method 
of storing data on one or more magnetic or optical data storage media in an encrypted 
form comprising: 

storing an identification code in a non-erasable memory during 
manufacture of the personal computer, wherein said identification code is 
defined at least in part by information associated with components of said 
personal computer; 

retrieving the identification code from the non-erasable memory in said 
personal computer; 

receiving user input; 

generating a cryptographic key derived at least in part from said 
identification code and the received user input; 
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retrieving a checksum from a configuration register in a bus-to-bus bridge 
in the personal computer, the bus-to-bus bridge storing information identifying 
which of the one or more magnetic or optical data storage media is selected to 
receive encrypted data; 

verifying the generated cryptographic key, wherein verifying comprises 
determining a checksum of the generated cn/ptographic key; 

retrieving information from a memory location; 

disabling encryption of data routed to one of the one or more magnetic or 
optical data storage media in response to said retrieved information: 

encrypting and decrypting data based on the disabling step , for storage on 
and retrieval from one of said the one or more magnetic or optical data storage 
media using said the generated cryptographic key, wherein the data is 
transmitted by the processor and is encrypted in the personal computer by the 
encryption hardware; and 

r e tr ie ving i nformation from a m e mory l oc a t i on; and 

d i sab li ng encryption of data rout e d to on o of m o dia in respons e to sa i d 
r e tr ie v e d information. 

storing the data in the one or more magnetic or optical data storage 
media either in encrypted form or non-encrypted form based on the disabling 
step. 



Claim 3 (currently amended): 
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The method of Claim 1, wherein said retrieving the identification code is 
performed without intervention by a host processor. 
Claim 4 (currently amended): 

The method of Claim 3, add i t i ona ll y compr i s i ng v e r i fy i ng sa i d k e y, wherein said 
verifying occurs without intervention of said host processor. 
Claim 5 (currently amended): 

A method of making a computer comprising: 

storing a hardware identifier in a non-erasable memory integrated circuit 
at the time of manufacture of tl=^e said computer, wherein the hardware identifier 
is defined at least in part by information associated with components of said 
computer, th e bus - to - bus br i dg e storing i nformat i on i d e nt i fying which data 
storag e m e dia is s ele ct e d to r e c e iv e e ncrypt e d data ; 

installing said non-erasable memory integrated circuit into said computer; 
providing a data path to the data storage media; 
providing a configuration register in a bus-to-bus bridge for storing a 
checksum , the bus-to-bus bridge storing information identifying which data 
storage media is selected to receive encrypted data ; 

coupling a logic circuit comprising an encryption engine to said data path; 

and 

connecting said non-erasable memory integrated circuit to said logic 
circuit, wherein the hardware identifier and a user input is used by the 
encrypting engine for encrypting data that is transmitted to the data storage 
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media and for decrypting data that is retrieved from the data storage media, and 
wherein the encryption engine verifies the generated cryptographic key using 
the checksum, and wherein the encryption engine is configured to disable 
encryption of data routed to the data storage media in response to information 
retrieved from a storage location. 

Claim 6 (currently amended): 

The method of Claim 5, wherein said a€t^ connecting comprises routing a 

serial data bus from said non-erasable memory integrated circuit to said logic circuit. 

Claim 7 (currently amended): 

In a computer system comprising a processor and encryption hardware and at 

least one data storage device, a method of data storage comprising: 
receiving user input; 

transmitting data from the processor in the computer system to the 
encryption hardware in the computer system; and 

generating a cryptographic key derived at least in part from the received 
user input and information that is stored in a non-erasable memory in said 
computer system during manufacture of said computer system; 

retrieving a checksum from a configuration register in a bus-to-bus bridge 
in the said computer system, the bus-to-bus bridge register storing information 
identifying which storage device is selected to receive encrypted data; 

verifying the generated cryptographic key, wherein verifying comprises 
determining a checksum of the generated key; 
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retrieving information from a memory location: 

disabling encryption of data routed to said selected data storage device in 
response to said retrieved information: 

encrypting and decrypting, in the encryption hardware, user generated 
data with an encryption process that uses the generated cryptographic key , the 
encrypting and decrypting being based on the disabling step : 

r e tr ie ving informat i on from a m e mory location; and 

d i sab li ng e ncrypt i on of data rout e d to sa i d data stor a g e d e v ice i n 
r e spons e to said r e tri e v e d information. 

storing the data in the at least one storage device either in encrypted 

form or non-encrypted form based on the disabling step. 
Claim 10 (currently amended): 

The method of Claim 9, additionally comprising the act of deriving an 
encryption key at least in part from said multi-bit identification code. 

Claim 13 (currently amended): 

The method of Claim 1 , wherein encrypting data for storage is performed on an 
encrypting device that is positioned in a data path between a central processing unit 
and th e data storag e m e dium one of the one or more magnetic or optical data storage 
media. 

Claim 14 (currently amended): 
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The method of Claim 1 , wherein all data that is transmitted to the one or more 
magnetic or optical data storage data storage media is encrypted. 
Claim 15 (currently amended): 

In a personal computer having encryption hardware and a processor, a method 
of storing data on one or more magnetic or optical data storage media in an 
encrypted form comprising: 

storing an identification code in a non-erasable memory during 
manufacture of the personal computer, wherein said identification code is 
defined at least in part by information associated with components of said 
personal computer; 

retrieving the identification code from the non-erasable memory in said 
personal computer; 

receiving user input; 

generating a cryptographic key derived at least in part from said 
identification code and the received user input; 

retrieving a checksum from a configuration register in a bus-to-bus 
bridge circuit in tt=ve said personal computer, the bus-to-bus bridge circuit storing 
information identifying which of said one or more magnetic or optical storage 
media is selected to receive encrypted data; 

verifying the generated cryptographic key, wherein verifying comprises 
determining a checksum of the generated key; 

retrieving information from a memory location: 
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disabling encryption of data routed to one of said storage media in 
response to said retrieved information; 

encrypting and decrypting data based on the disabling step, for storage 
on and retrieval from one of said one or more magnetic or optical data storage 
media using said cryptographic key, wherein the data is transmitted by the 
processor and is encrypted in the personal computer by the encryption 
hardware, and wherein the encryption hardware is part of the bus-to-bus bridge 
circuit; and 

r e tr ie ving i nformation from a m e mory location; 

d i sabling e ncrypt i on of data rout e d to on e of said storag e m e d i a i n 
r e spons e to s a id r e tr ie v e d i nformat i on. 

storing the data in the one or more magnetic or optical data storage 
media either in encn/pted form or non-encrypted form based on the disabling 
step. 

Claim 17 (currently amended): 

The method of Claim 15, wherein said retrieving the identification code is 
performed without intervention by a host processor. 

Claim 18 (currently amended): 

The method of Claim 17, add i tiona ll y compr i s i ng v eri fy i ng sa i d k e y, wherein 
said verifying occurs without intervention of said host processor. 
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Conclusion 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Ponnoreay Rich whose telephone number is 571-272- 
7962. The examiner can normally be reached on 9:00am-4:30pm Mon-Fri. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on 571-272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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